<?php session_start(); ?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml"><head>
	<?php
		include_once('../setting.php'); include_once('../mysql_connection.php');
		// start 检测是否已经登录
		if ( @$_COOKIE['login'] == 'true' ) {
		?>
		<meta http-equiv="Refresh" content="0;URL=index.php" />
		<?php
		}
		// end 检测是否已经登录
	?> 
	<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
	<link rel="stylesheet" href="css/login.css" type="text/css" media="screen" />
	<title>用户登录 -- <?php echo $setting['site_name'];?></title>
</head><body>
	<?php
		// start 登录验证
		if ( $_SERVER['REQUEST_METHOD'] == 'POST' ) {
			$username_login = $_POST['username'];
			$password_login = $_POST['password'];
			$query_login = "select * from `root` where `username` = '".$username_login."' and `password` = '".md5($password_login)."'";
			$result_login = $mysql_connection->query($query_login);
			$result_login_count = $result_login->num_rows;
			if ($result_login_count > 0 ) {
				setcookie('login', 'true', time()+3600);
			?>
			<meta http-equiv="Refresh" content="0;URL= index.php" /> <!-- 页面转向 -->
			<?php
			} else {
			?>
			<script type="text/javascript">
				alert("用户名或密码错误");
			</script>
			<?php
			}
		}
		// end 登录验证
	?> 
	<div id="content">
		<!-- start 登录表单 -->
		<div id="content_a">
		<form action="<?php echo $_SERVER['PHP_SELF']; ?>" method="post">
		<table border="0" align="center">
		<tr><td colspan="2" align="center"><img src="image/logo.png" height="35px"></img></td></tr>
		<tr><td align="right">用户名</td>
		<td><input class="username_text_form" type="text" name="username" id="username" /></td></tr>
		<tr><td align="right">密 码</td>
		<td><input class="password_text_form" type="password" name="password" id="password" /></td></tr>
		<tr><td colspan="2" align="right"><input class="button_login" type="submit" value="登录"</td></tr></table>
		</form>
		</div>
		<!-- end 登录表单 -->
	</div>
	<?php include_once('footer.php'); ?>
</body></html>
